Mobile threats

This section of the report forms part of the Kaspersky Security Bulletin 2012 and is based on data obtained and processed using Kaspersky Security Network (KSN).

This is Kaspersky Lab’s annual threat analysis report covering the major issues faced by corporate and individual users alike as a result of malware, potentially harmful programs, crimeware, spam, phishing and other different types of hacker activity.

According to KSN data, Kaspersky Lab products detected and neutralized 1,347,231,728 threats in Q3 2012.

According to KSN data, Kaspersky Lab products detected and neutralized over 1 billion threats in Q2 2012.

We’ve got 5 new files of ZitMo: 4 for Blackberry and 1 for Android.

A new family of SMS Trojans named Vidro appeared a few days ago but we’ve already collected a lot of APK files with very similar functionality. At the moment all the samples we have found target users only from Poland.

Yesterday we were contacted by our partner MegaFon, one of the major mobile carriers in Russia. They notified us about a suspicious application, which was found in both the Apple App Store and Google Play. At first glance, this seemed to be an SMS worm spread via sending short messages to all contacts stored in the phone book with the URL to itself.
However, our analysis of the iOS and Android versions of the same application showed that it’s not an SMS worm but a Trojan-Spy that uploads a user’s phonebook to remote server. The “replication” part is done by the server – SMS spam messages with the URL to the application are being sent from the remote server to all the contacts in the user’s address book.

On the 4th of June 2012 we found 3 APK files heuristically detected by our engine as HEUR:Trojan-Spy.AndroidOS.Zitmo.a. All these applications are malicious and were created to steal incoming SMS messages from infected devices.

So, Foncy is dead. And what is Mania? Mania is an SMS Trojan which currently only targets users of Android from France and its code is very similar to the code of the Foncy malware.

According to KSN data, Kaspersky Lab products detected and neutralized almost 1 billion malicious objects in Q1 2012.

The following statistics were compiled in April using data collected from computers running Kaspersky Lab products

The investigation into the Duqu Trojan is into its sixth month, and March brought further progress as we were able to establish which language was used for its Framework code.

The IT security world in 2011 can be summed up in a single word – explosive!

In 2011, mobile malware reached a new qualitative level.

Does the Bouncer will be effective in addressing the malware problems with Android apps? Is it still a good idea to use a mobile security program for protection even with Bouncer in place? Are there ways for hackers to sneak infected apps into the store despite Bouncer?